-
Type:
Bug
-
Status: Resolved
-
Priority:
Minor
-
Resolution: Fixed
-
Affects Version/s: 12.0.3
-
Fix Version/s: 12.0.4
-
Component/s: authentication
-
Support Ticket IDs:
If the function
@Override public boolean hasNext() throws ErrorResultIOException { // Poll for the next response if needed. final Response r = getNextResponse(); if (!(r instanceof Result)) { // Entry or reference. return true; } // Final result. final Result result = (Result) r; if (result.isSuccess()) { return false; } throw new ErrorResultIOException(newErrorResult(result)); }
throw the ErrorResultIOException, then OpenAM throws the NPE.
Expected result:
A correct error handling and a generic authentication failure for the user.
Current result:
As the error is not handled correctly, the flow is instantly stopped. The user will get a 500.
NPE:
java.lang.NullPointerException at com.sun.identity.authentication.modules.ldap.LDAP.process(LDAP.java:453) at com.sun.identity.authentication.spi.AMLoginModule.wrapProcess(AMLoginModule.java:1035) at com.sun.identity.authentication.spi.AMLoginModule.login(AMLoginModule.java:1209) at sun.reflect.GeneratedMethodAccessor68.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at com.sun.identity.authentication.jaas.LoginContext.invoke(LoginContext.java:210) at com.sun.identity.authentication.jaas.LoginContext.login(LoginContext.java:123) at com.sun.identity.authentication.service.AMLoginContext.runLogin(AMLoginContext.java:558) at com.sun.identity.authentication.server.AuthContextLocal.submitRequirements(AuthContextLocal.java:699) at com.sun.identity.authentication.UI.LoginViewBean.processLoginDisplay(LoginViewBean.java:1367) at com.sun.identity.authentication.UI.LoginViewBean.processLogin(LoginViewBean.java:854) at com.sun.identity.authentication.UI.LoginViewBean.forwardTo(LoginViewBean.java:522) at com.iplanet.jato.ApplicationServletBase.dispatchRequest(ApplicationServletBase.java:981) at com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:615) at com.iplanet.jato.ApplicationServletBase.doPost(ApplicationServletBase.java:473) at javax.servlet.http.HttpServlet.service(HttpServlet.java:648) at javax.servlet.http.HttpServlet.service(HttpServlet.java:729) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:292) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) at org.forgerock.openam.validation.ResponseValidationFilter.doFilter(ResponseValidationFilter.java:44) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) at org.forgerock.openam.xui.XUIFilter.doFilter(XUIFilter.java:131) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) at com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:98) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79) at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:616) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:528) at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1099) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:672) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1520) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1476) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Thread.java:745)
How to reproduced?
I was in debug mode, forcing returned values of function and changing variables value... That's not something I can describe there unfortunately